A maliciously crafted JT file in Autodesk AutoCAD 2022 may be used to write beyond the allocated buffer while parsing JT files. This vulnerability can be exploited to execute arbitrary code.
References
Link | Resource |
---|---|
https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 | Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
28 Apr 2022, 15:56
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 6.8
v3 : 7.8 |
CPE | cpe:2.3:a:autodesk:autocad_plant_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_electrical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mep:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_mechanical:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_architecture:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:inventor:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad_map_3d:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:advance_steel:*:*:*:*:*:*:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:-:*:* cpe:2.3:a:autodesk:autocad_lt:*:*:*:*:*:-:*:* cpe:2.3:a:autodesk:autocad:*:*:*:*:*:macos:*:* cpe:2.3:a:autodesk:civil_3d:*:*:*:*:*:*:*:* |
|
References | (MISC) https://www.autodesk.com/trust/security-advisories/adsk-sa-2022-0002 - Vendor Advisory | |
First Time |
Autodesk autocad Map 3d
Autodesk inventor Autodesk autocad Autodesk autocad Electrical Autodesk civil 3d Autodesk autocad Mep Autodesk autocad Plant 3d Autodesk autocad Lt Autodesk advance Steel Autodesk autocad Architecture Autodesk autocad Mechanical Autodesk |
|
CWE | CWE-787 |
19 Apr 2022, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-04-19 21:15
Updated : 2023-12-10 14:22
NVD link : CVE-2022-25788
Mitre link : CVE-2022-25788
CVE.ORG link : CVE-2022-25788
JSON object : View
Products Affected
autodesk
- autocad_plant_3d
- autocad_electrical
- civil_3d
- autocad_lt
- autocad_mep
- inventor
- autocad
- autocad_mechanical
- advance_steel
- autocad_map_3d
- autocad_architecture
CWE
CWE-787
Out-of-bounds Write